|
209031
|
5.5 |
MEDIUM
Local
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-27019
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209032
|
5.5 |
MEDIUM
Local
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-27018
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209033
|
4.9 |
MEDIUM
Network
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an XML External Entity Processing (XXE) vulnerability which could allow an authenticated administrator to read …
|
CWE-611
XXE
|
CVE-2020-27017
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209034
|
8.8 |
HIGH
Network
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an attacker to modify policy rules by trick…
|
CWE-352
Origin Validation Error
|
CVE-2020-27016
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209035
|
9.8 |
CRITICAL
Network
|
percona
|
percona_server
|
An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has …
|
CWE-287
Improper Authentication
|
CVE-2020-26542
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209036
|
6.7 |
MEDIUM
Local
|
cisco
|
sd-wan_vmanage
|
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. T…
|
CWE-88
Argument Injection
|
CVE-2020-27129
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209037
|
6.5 |
MEDIUM
Network
|
cisco
|
sd-wan
|
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. The vulnerability is d…
|
CWE-22
Path Traversal
|
CVE-2020-27128
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209038
|
5.5 |
MEDIUM
Local
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the unde…
|
NVD-CWE-noinfo
|
CVE-2020-27123
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209039
|
6.7 |
MEDIUM
Local
|
cisco
|
identity_services_engine
|
A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to elevate privileges on an affected device. To expl…
|
CWE-269
Improper Privilege Management
|
CVE-2020-27122
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209040
|
6.5 |
MEDIUM
Network
|
cisco
|
unified_communications_manager_im_and_presence_service
|
A vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Se…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-27121
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
